01 Read
What happened
The RBI released its draft Guidance on Regulatory Principles for Model Risk Management, 2026, proposing a comprehensive AI governance framework for banks and financial institutions. Key provisions include mandatory 'kill switch' mechanisms for AI systems, human-in-the-loop oversight, independent validation of third-party models, board-approved Model Risk Management Frameworks, and explainability standards. The framework covers commercial banks, SFBs, NBFCs, RRBs, and credit information companies. Decommissioned models must be retained for 10 years. The draft replaces RBI's existing 2002 credit risk model guidance.
02 Understand
Why it matters
This draft framework is RBI's most ambitious intervention yet in the AI-in-finance space, and it signals a fundamental shift: AI is no longer a purely operational choice for banks — it is now a regulatory responsibility. Here's why this matters deeply.
First, the 'no black-box' mandate directly challenges how most ML models currently operate. When a bank uses AI for credit underwriting or fraud detection, and that model cannot explain why it denied a loan, that's a governance failure under this framework. RBI is explicitly requiring explainability standards — and where explainability is impossible, compensatory controls like restricted usage and intensive monitoring.
Second, the accountability for third-party AI vendors is a watershed moment. Many banks source AI tools from fintechs or global tech companies. The RBI has made clear: vendor opacity is not a defense. The bank remains fully liable for outcomes, must independently validate external models, and must negotiate audit rights into vendor contracts.
Third, the kill-switch requirement formalises human supremacy over machine decisions — critical in a country where AI-driven credit decisions could impact millions of underserved borrowers who have no recourse.
For RBI Grade B, this topic sits at the intersection of financial stability, consumer protection, technology regulation, and governance — all core ESI and FM themes. Expect passage-based MCQs pulling specific provisions and short descriptive questions on model risk governance architecture.
First, the 'no black-box' mandate directly challenges how most ML models currently operate. When a bank uses AI for credit underwriting or fraud detection, and that model cannot explain why it denied a loan, that's a governance failure under this framework. RBI is explicitly requiring explainability standards — and where explainability is impossible, compensatory controls like restricted usage and intensive monitoring.
Second, the accountability for third-party AI vendors is a watershed moment. Many banks source AI tools from fintechs or global tech companies. The RBI has made clear: vendor opacity is not a defense. The bank remains fully liable for outcomes, must independently validate external models, and must negotiate audit rights into vendor contracts.
Third, the kill-switch requirement formalises human supremacy over machine decisions — critical in a country where AI-driven credit decisions could impact millions of underserved borrowers who have no recourse.
For RBI Grade B, this topic sits at the intersection of financial stability, consumer protection, technology regulation, and governance — all core ESI and FM themes. Expect passage-based MCQs pulling specific provisions and short descriptive questions on model risk governance architecture.
Remember + Why it matters
The key recall facts and exact examiner angle for RBI Grade B are in the Crux app.
01
Key figure and date from this topic
02
Specific number or threshold to remember
03
Policy or regulatory implication
Read + Understand free forever · 30-day free trial